﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Xml.Linq;
using System.Web.Services;

using System.Data.SqlClient;
using System.Web.Configuration;
using System.Security.Cryptography;
using System.Text;

namespace HoaDon
{
	public partial class Register : System.Web.UI.Page
	{
		private DataTable dtUserInfo;
		protected void Page_Load(object sender, EventArgs e)
		{
			try
			{
				if (!IsPostBack)
				{
					if (System.Web.HttpContext.Current.User.Identity.IsAuthenticated == true)
						if (User.Identity.Name.ToUpper() != "DEMO001")
							LoadData();
				}
			}
			catch
			{
				Response.Redirect("~/Error.aspx", false);
			}
		}

		private void LoadData()
		{
			SqlConnection proxyConn = new SqlConnection(WebConfigurationManager.ConnectionStrings["proxyconn"].ConnectionString);
			proxyConn.Open();

			SqlCommand sqlComm = new SqlCommand("SELECT * FROM userinfo WHERE UPPER(UserID) = @UserID", proxyConn);
			sqlComm.CommandType = CommandType.Text;
			sqlComm.Parameters.Add("@UserID", SqlDbType.VarChar).Value = System.Web.HttpContext.Current.User.Identity.Name.ToUpper();
			SqlDataAdapter sqlDA = new SqlDataAdapter();
			sqlDA.SelectCommand = sqlComm;
			dtUserInfo = new DataTable();
			sqlDA.Fill(dtUserInfo);
			proxyConn.Close();
			proxyConn.Dispose();

			txtCompany.Text = dtUserInfo.Rows[0]["Company"].ToString();
			txtPhone.Text = dtUserInfo.Rows[0]["Phone"].ToString();
			txtEmail.Text = dtUserInfo.Rows[0]["Email"].ToString();
			txtAddress.Text = dtUserInfo.Rows[0]["Address"].ToString();
		}

		private bool CheckExistUserID(string userID)
		{
			SqlConnection proxyConn = new SqlConnection(WebConfigurationManager.ConnectionStrings["proxyconn"].ConnectionString);
			proxyConn.Open();

			SqlCommand sqlComm = new SqlCommand("SELECT UserID  FROM userinfo WHERE UPPER(UserID) = @UserID", proxyConn);
			sqlComm.CommandType = CommandType.Text;
			sqlComm.Parameters.Add("@UserID", SqlDbType.VarChar).Value = userID.ToUpper();
			SqlDataAdapter sqlDA = new SqlDataAdapter();
			sqlDA.SelectCommand = sqlComm;
			DataTable dtUser = new DataTable();
			sqlDA.Fill(dtUser);

			proxyConn.Close();
			proxyConn.Dispose();

			if (dtUser.Rows.Count > 0)
				return true;
			else
				return false;
		}

		private bool CheckExistEmail(string email)
		{
			SqlConnection proxyConn = new SqlConnection(WebConfigurationManager.ConnectionStrings["proxyconn"].ConnectionString);
			proxyConn.Open();

			SqlCommand sqlComm = new SqlCommand("SELECT Email FROM userinfo WHERE UPPER(Email) = @Email", proxyConn);
			sqlComm.CommandType = CommandType.Text;
			sqlComm.Parameters.Add("@Email", SqlDbType.VarChar).Value = email.ToUpper();
			SqlDataAdapter sqlDA = new SqlDataAdapter();
			sqlDA.SelectCommand = sqlComm;
			DataTable dtEmail = new DataTable();
			sqlDA.Fill(dtEmail);

			proxyConn.Close();
			proxyConn.Dispose();

			if (dtEmail.Rows.Count > 0)
				return true;
			else
				return false;
		}

		//Chi TK goc duoc phep tao tk con
		private bool CheckParentUser(string userid)
		{
			SqlConnection proxyConn = new SqlConnection(WebConfigurationManager.ConnectionStrings["proxyconn"].ConnectionString);
			proxyConn.Open();

			SqlCommand sqlComm = new SqlCommand("SELECT ParentUser FROM Userinfo WHERE UPPER(UserID) = @UserID", proxyConn);
			sqlComm.CommandType = CommandType.Text;
			sqlComm.Parameters.Add("@UserID", SqlDbType.VarChar).Value = userid.ToUpper();
			SqlDataAdapter sqlDA = new SqlDataAdapter();
			sqlDA.SelectCommand = sqlComm;
			DataTable dtUser = new DataTable();
			sqlDA.Fill(dtUser);

			proxyConn.Close();
			proxyConn.Dispose();

			if (dtUser.Rows.Count > 0)
				if (dtUser.Rows[0]["ParentUser"] == DBNull.Value || dtUser.Rows[0]["ParentUser"].ToString() == "")
					return true;
				else
					return false;
			else
				return false;
		}

		protected void btnOk_Click(object sender, EventArgs e)
		{
			try
			{
				if (System.Web.HttpContext.Current.User.Identity.IsAuthenticated == true)
				{
					if (CheckParentUser(System.Web.HttpContext.Current.User.Identity.Name.ToUpper()) == false)
					{
						spAdminAccountWrn.InnerText = "  Tài khoản đang đăng nhập không được phép tại tài khoản con";
						return;
					}
				}
				bool check = true;
				if (CheckExistUserID(txtAgentID.Text.Trim()))
				{
					check = false;
					wrnAgentExist.InnerText = "  Tài khoản đã được đăng kí";
				}
				else
				{
					wrnAgentExist.InnerText = "";
				}
				if (CheckExistEmail(txtEmail.Text.Trim()))
				{
					check = false;
					wrnEmailExist.InnerText = "  Email đã được đăng kí";
				}
				else
				{
					wrnEmailExist.InnerText = "";
				}

				if (check == true)
				{
					SqlConnection proxyConn = new SqlConnection(WebConfigurationManager.ConnectionStrings["proxyconn"].ConnectionString);
					proxyConn.Open();

					SqlCommand sqlComm = new SqlCommand("INSERT INTO userinfo (UserID, Password, ParentUser, UserName, Company, Phone, Email, Address, FK_DatabaseID, Status, DateCreate) VALUES (@UserID, @Password, @ParentUser, @UserName, @Company, @Phone, @Email, @Address, @FK_DatabaseID, @Status, @DateCreate)", proxyConn);
					sqlComm.CommandType = CommandType.Text;
					sqlComm.Parameters.Add("@UserID", SqlDbType.VarChar).Value = txtAgentID.Text.Trim().ToUpper();
					sqlComm.Parameters.Add("@Password", SqlDbType.VarChar).Value = Enc.Encrypt(txtPassword.Text.Trim(), txtAgentID.Text.Trim().ToUpper());
					sqlComm.Parameters.Add("@UserName", SqlDbType.NVarChar).Value = txtAgentName.Text.Trim();
					sqlComm.Parameters.Add("@Company", SqlDbType.NVarChar).Value = txtCompany.Text.Trim();
					sqlComm.Parameters.Add("@Phone", SqlDbType.VarChar).Value = txtPhone.Text.Trim();
					sqlComm.Parameters.Add("@Email", SqlDbType.VarChar).Value = txtEmail.Text.Trim();
					sqlComm.Parameters.Add("@Address", SqlDbType.NVarChar).Value = txtAddress.Text.Trim();
					sqlComm.Parameters.Add("@DateCreate", SqlDbType.DateTime).Value = DateTime.Now;
					if (System.Web.HttpContext.Current.User.Identity.IsAuthenticated == true && User.Identity.Name.ToUpper() != "DEMO001")
					{
						SqlCommand sqlComm2 = new SqlCommand("SELECT FK_DatabaseID FROM userinfo WHERE UPPER(UserID) = @UserID", proxyConn);
						sqlComm2.CommandType = CommandType.Text;
						sqlComm2.Parameters.Add("@UserID", SqlDbType.VarChar).Value = System.Web.HttpContext.Current.User.Identity.Name.ToUpper();
						SqlDataAdapter sqlDA2 = new SqlDataAdapter();
						sqlDA2.SelectCommand = sqlComm2;
						DataTable dtUserInfo2 = new DataTable();
						sqlDA2.Fill(dtUserInfo2);

						sqlComm.Parameters.Add("@ParentUser", SqlDbType.VarChar).Value = System.Web.HttpContext.Current.User.Identity.Name.ToUpper();
						sqlComm.Parameters.Add("@FK_DatabaseID", SqlDbType.NVarChar).Value = dtUserInfo2.Rows[0]["FK_DatabaseID"].ToString();
						sqlComm.Parameters.Add("@Status", SqlDbType.VarChar).Value = "1";
					}
					else
					{
						sqlComm.Parameters.Add("@ParentUser", SqlDbType.VarChar).Value = DBNull.Value;
						sqlComm.Parameters.Add("@FK_DatabaseID", SqlDbType.NVarChar).Value = DBNull.Value;
						sqlComm.Parameters.Add("@Status", SqlDbType.VarChar).Value = "0";
					}
					sqlComm.ExecuteNonQuery();

					proxyConn.Close();
					proxyConn.Dispose();
				}
				if (check == true)
					Response.Redirect("~/RegisterSuccess.aspx", false);
			}
			catch
			{
				Response.Redirect("~/Error.aspx", false);
			}
		}
	}
}
